Описание
The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385.
Ссылки
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 7.5.7\(6\) (включая)Версия до 7.5.7\(6\) (включая)
Одновременно
Одно из
cpe:2.3:o:cisco:spa300_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:cisco:spa500_firmware:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:cisco:spa300_series_ip_phone:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:spa500_series_ip_phone:-:*:*:*:*:*:*:*
EPSS
Процентиль: 81%
0.01609
Низкий
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-399
Связанные уязвимости
CVSS3: 7.5
github
около 3 лет назад
The HTTP framework on Cisco SPA300, SPA500, and SPA51x devices allows remote attackers to cause a denial of service (device outage) via a series of malformed HTTP requests, aka Bug ID CSCut67385.
EPSS
Процентиль: 81%
0.01609
Низкий
7.5 High
CVSS3
7.8 High
CVSS2
Дефекты
CWE-399